Authentication is a procedure used by a communications system to validate a subscriber station's identity upon a request for access to the communications system. The communications system may grant or deny the subscriber station's request for access according to the authentication procedure. Over time, authentication schemes have become more sophisticated to foil fraud as older analog cellular equipment is supplemented or replaced with newer digital equipment.
In many analog cellular systems in wide-spread use throughout the U.S., each authorized cellular phone is assigned a unique Mobile Identification Number (MIN) to prevent fraudulent use of the cellular phone if it is stolen. However, the unique MIN of an authorized cellular phone may be readily programmed into any compatible unauthorized cellular phone. For example, when an authorized user makes a call from an authorized cellular phone, a fraudulent perpetrator may eavesdrop on a cellular call setup sequence of the authorized cellular phone to obtain the MIN. The fraudulent perpetrator then programs the unauthorized cellular phone to have the same MIN that the authorized cellular phone has. Because the unauthorized cellular phone now has the same identity as the authorized cellular phone, the fraudulent perpetrator can make calls from the unauthorized cellular phone that are billed to the user of the authorized cellular phone.
The GSM (Group Special Mobile) cellular system features a more complex approach to authentication and fraud prevention than many analog cellular systems do. GSM determines a traffic channel encoding key at the fixed end for comparison to a traffic channel encoding key determined at the mobile station. At the fixed end, the GSM cellular system has an authentication center including a random number generator, a database for subscriber ciphering keys, and a ciphering/deciphering algorithm. The random number generator generates a random number in response to a mobile station's request for access. The ciphering/deciphering algorithm derives a traffic channel encoding key from the random number and a subscriber ciphering key from the database. The authentication center sends the random number to the base station through communication lines. The base station transmits the random number to the mobile station via radio frequency (RF) communication.
At the mobile end, the mobile station receives the random number and generates the same traffic channel encoding key as the fixed end does. The mobile station generates the same traffic channel encoding key from the random number and its locally-stored subscriber ciphering key. The traffic channel encoding key is generated for use only during a single call between the base station and the mobile station and is regenerated for each new communication.
In addition, to the above authentication procedure, GSM further includes a signed response algorithm for generating a signed response from the subscriber ciphering key and the random generator. If the signed response calculated at the authentication center matches the signed response calculated at the mobile unit, the communication access of the mobile is valid. The comparison of the signed response of the mobile unit and the authentication center is made in the fixed end equipment after the mobile transmits the signed response to the base station.
However, GSM cellular systems may be subject to the same fraudulent use as less sophisticated communication systems because of the subscriber identity configuration. GSM uses an elaborate subscriber identity configuration which includes an international mobile subscriber identity (IMSI) and an international mobile station equipment identity (IMEI). The IMSI is stored on a smart card which is intended to interface with any GSM cellular phone. The GSM cellular phone itself includes an international mobile station equipment identity (IMEI).
The IMSI is normally communicated to the communication system during an access request by the mobile station prior to encryption as described above. The mobile switching center (MSC) may request the transmission of the IMSI from the mobile station for land-line originated calls. Accordingly, an unauthorized eavesdropper may gain information to misappropriate the identity of the valid subscriber's smart card during the unencrypted transmission. In sum, both MIN's and IMSI's are vulnerable to fraudulent activity.
Therefore, a need exists for detecting fraudulent use of a communications system. In particular, a need exists for detecting fraudulent use of conventional analog cellular systems, GSM cellular systems, TDMA cellular systems, and CDMA cellular systems, among others.